Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Skip to main content
Springer Nature Link
Log in

Traceability Analysis of Recent RFID Authentication Protocols

  • Published:
Wireless Personal Communications Aims and scope Submit manuscript

Abstract

Radio frequency identification (RFID) technology is a prominent technology which has been used in most authentication and identification applications. Above all, recently RFID systems have got more attention as an interesting candidate to implement in the internet of things systems. Although RFID systems provide useful and interest services to users, they can also threat the security and the privacy of the end-users. In order to provide the security and the privacy of RFID users, different authentication protocols have been proposed. In this study, we analyze the privacy of three RFID authentication protocols that proposed recently. For our privacy analysis, we use a formal RFID privacy model which proposed by Ouafi and Phan. It is shown that the privacy of all the analyzed protocols have some problems and cannot provide user privacy. Then, in order to keep and protect the privacy of RFID users, two improved versions of analyzed protocols are proposed which overcome all the existing weaknesses. Our privacy analysis show that privacy of improved protocols are complete and they are resistance against different traceability attacks such as traceability, backward traceability and forward traceability attacks. In addition, the privacy of the proposed protocols, analyzed protocols and some similar protocols is compared.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4

Similar content being viewed by others

References

  1. Australia, E.-C. (2014). Access control, sensor control, and transponders. http://www.rfid.com.au/rfiduhf.htm. Accessed 01 July 2014.

  2. Transport for London. (2014). http://www.tfl.gov.uk/microsites/interchange/82.aspx. Accessed 20 June 2014.

  3. Maharjan, S. (2010). RFID and IOT: An overview. Simula Research Laboratory, University of Oslo.

  4. Yang, L., Yu, P., Bailing, W., Yun, Q., Xuefeng, B., & Xinling, Y. (2013). Hash-based RFID mutual authentication protocol. International Journal of Security & Its Applications, 7(3), 183–194.

    Google Scholar 

  5. Song, B., & Mitchell, C. J. (2011). Scalable RFID security protocols supporting tag ownership transfer. Journal of Computer Communication, 34, 556–566.

    Article  Google Scholar 

  6. Safkhani, M., Peris-Lopez, P., Hernandez-Castro, J. C., Bagheri, N., & Naderi, M. (2011). Cryptanalysis of Cho et al.’s protocol, a hash-based mutual authentication protocol for RFID systems. Cryptology ePrint Archive, Report 2011/311. http://eprint.iacr.org/2011/331.pdf

  7. Yoon, E. J. (2012). Improvement of the securing RFID systems conforming to EPC class 1 generation 2 standard. Journal of Expert Systems Application, 39(11), 1589–1594.

    Article  Google Scholar 

  8. Asadpour, M., & Dashti, M. T. (2013). Scalable, privacy preserving radio-frequency identification protocol for the internet of things. Journal of Concurrency and Computation: Practice and Experience,. doi:10.1002/cpe.3165

    Google Scholar 

  9. Alagheband, M. R., & Aref, M. R. (2013). Unified privacy analysis of new found RFID authentication protocols. Security and Communication Networks, 6(8), 999–1009.

    Article  Google Scholar 

  10. Avoine, G., Bingol, M. A., Carpent, X., & Yalcin, S. B. O. (2013). Privacy-friendly authentication in RFID systems: On sublinear protocols based on symmetric-key cryptography. Journal of IEEE Transactions on Mobile Computing, 12(10), 2037–2049.

    Article  Google Scholar 

  11. Sohrabi-Bonab, Z., Alagheband, M., & Aref, M. R. (2013). Traceability analysis of quadratic residue-based RFID authentication protocols. In 11th Annual international conference on privacy, security and trust, pp. 61–68, Tarragona.

  12. Dehkordi, M. H., & Farzaneh, Y. (2014). Improvement of the hash-based RFID mutual authentication protocol. Wireless Personal Communications, 75(1), 219–232.

    Article  Google Scholar 

  13. Habibi, M. H., & Gardeshi, M. (2011). Cryptanalysis and improvement on a new RFID mutual authentication protocol compatible with EPC standard. In 8th International ISC conference on information security and cryptology (ISCISC), pp. 49–54.

  14. Avoine, G. (2005). Adversarial model for radio frequency identification. Cryptology ePrint Archive, report 2005/049. http://eprint.iacr.org/2005/049.pdf

  15. Juels, A. (2006). RFID security and privacy: A research survey. IEEE Journal on Selected Areas in Communications, 24(2), 381–394.

    Article  MathSciNet  Google Scholar 

  16. Avoine, G. (2012). Privacy-friendly synchronized ultralightweight authentication protocols in the storm. Journal of Network and Computer Applications, 35(2), 826–843.

    Article  Google Scholar 

  17. Phan, R. C. W. (2008). Cryptanalysis of a new ultralightweight RFID authentication protocol-SASI. IEEE Transaction Dependable and Secure Computing, 6(4), 316–320.

    Article  Google Scholar 

  18. Juels, A., & Weis, S. (2007). Defining strong privacy for RFID. In 5th Annual IEEE international conference on pervasive computing and communications, pp. 342–347.

  19. Vaudenay, S. (2007). On privacy models for RFID. In ASIACRYPT 2007, advances in cryptology, pp. 68–87.

  20. Ouafi, K., & Phan, R. C. W. (2008). Privacy of recent RFID authentication protocols. In 4th International conference on information security practice and experience.

  21. Deng, R. H., Li, Y., Yung, M., & Zhao, Y. (2010). A new framework work for RFID privacy. In 15th European symposium on research in computer security, Athens.

  22. Cho, J.-S., Jeong, Y.-S., & Park, S. O. (2012). Consideration on the brute-force attack cost and retrieval cost: A hash-based radio-frequency identification (RFID) tag mutual authentication protocol. Journal of Computers and Mathematics with Applications,. doi:10.1016/j.camwa.2012.02.025

    Google Scholar 

  23. Khedr, W. I. (2013). SRFID: A hash-based security scheme for low cost RFID systems. Egyptian Informatics Journal, 14(1), 89–98.

    Article  MathSciNet  Google Scholar 

  24. Chien, H. Y., & Chen, C. H. (2007). Mutual authentication protocol for RFID confirming to EPC class 1 generation 2 standards. Journal of Computer Standards & Interfaces, 29(2), 254–259.

    Article  MathSciNet  Google Scholar 

  25. Yeh, T. C., Wanga, Y. J., Kuo, T. Ch., & Wanga, S. S. (2010). Securing RFID systems conforming to EPC class 1 generation 2 standard. Journal of Expert Systems with Applications, 37, 7678–7683.

    Article  Google Scholar 

  26. Alavi, S. M., Baghery, K., & Abdolmaleki, B. (2014). Security and privacy flaws in a recent authentication protocol for EPC C1 G2 RFID tags. Advances in Computer Science: An International Journal, 3(5), 44–52.

    Google Scholar 

  27. Coisel, I., & Martin, T. (2013). Untangling RFID privacy models. Journal of Computer Networks and Communications,. doi:10.1155/2013/710275

    Google Scholar 

  28. Zhou, S., Zhang, Z., Luo, Z., & Wong, E. (2010). A lightweigth anti-desynchronization RFID authentication protocol. Information Systems Frontiers, 12, 521–528.

    Article  Google Scholar 

  29. Cho, J. S., Yeo, S. S., & Kim, S. K. (2011). Securing against brute-force attack: a hash-based RFID mutual authentication protocol using a secret value. Computer Communications, 34, 391–397.

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Information Systems and Security Lab (ISSL), Sharif University of Technology, Tehran, Iran

    Karim Baghery, Behzad Abdolmaleki & Mohammad Reza Aref

  2. IHCU University, Tehran, Iran

    Seyed Mohammad Alavi

Authors
  1. Seyed Mohammad Alavi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Karim Baghery
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Behzad Abdolmaleki
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Mohammad Reza Aref
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Karim Baghery.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Alavi, S.M., Baghery, K., Abdolmaleki, B. et al. Traceability Analysis of Recent RFID Authentication Protocols. Wireless Pers Commun 83, 1663–1682 (2015). https://doi.org/10.1007/s11277-015-2469-0

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11277-015-2469-0

Keywords

Search

Navigation